Hello,
there is a script on our site, that receives this warning from the HackSafe
scanalerts"
------------------------------------------------------------------------------
" ... The remote web application appears to be vulnerable to cross site
scripting (XSS).
General Solution:
HTML encode data before sending it to the browser.
Filtering < and > alone will not solve all cross site scripting attacks.
It is suggested you also attempt to filter out open and closing parenthesis or
convert them to their encoded equivalents. ... "
----------------------------------------------------------------------------
I have gone through the script serveral times and though we had it corrected.
Has anyone on the list experience this problem and may have some suggestions on
how to correct this XSS scripting. This takes a POST from a standard type
registration form.
TIA,
Mike(mickalo)Blezien
===============================
Thunder Rain Internet Publishing
===============================
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/
